kris
/
boringssl
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
841 Commits
12 Branches
38 MiB
 
 
 
 
 
 
Tree: 78e6978ab9
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '78e6978ab9'
${ noResults }
boringssl/crypto/x509/x509name.c

380 lines
11 KiB
Raw Blame History 

  1. /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)

  2.  * All rights reserved.

  3.  *

  4.  * This package is an SSL implementation written

  5.  * by Eric Young (eay@cryptsoft.com).

  6.  * The implementation was written so as to conform with Netscapes SSL.

  7.  *

  8.  * This library is free for commercial and non-commercial use as long as

  9.  * the following conditions are aheared to.  The following conditions

  10.  * apply to all code found in this distribution, be it the RC4, RSA,

  11.  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation

  12.  * included with this distribution is covered by the same copyright terms

  13.  * except that the holder is Tim Hudson (tjh@cryptsoft.com).

  14.  *

  15.  * Copyright remains Eric Young's, and as such any Copyright notices in

  16.  * the code are not to be removed.

  17.  * If this package is used in a product, Eric Young should be given attribution

  18.  * as the author of the parts of the library used.

  19.  * This can be in the form of a textual message at program startup or

  20.  * in documentation (online or textual) provided with the package.

  21.  *

  22.  * Redistribution and use in source and binary forms, with or without

  23.  * modification, are permitted provided that the following conditions

  24.  * are met:

  25.  * 1. Redistributions of source code must retain the copyright

  26.  *    notice, this list of conditions and the following disclaimer.

  27.  * 2. Redistributions in binary form must reproduce the above copyright

  28.  *    notice, this list of conditions and the following disclaimer in the

  29.  *    documentation and/or other materials provided with the distribution.

  30.  * 3. All advertising materials mentioning features or use of this software

  31.  *    must display the following acknowledgement:

  32.  *    "This product includes cryptographic software written by

  33.  *     Eric Young (eay@cryptsoft.com)"

  34.  *    The word 'cryptographic' can be left out if the rouines from the library

  35.  *    being used are not cryptographic related :-).

  36.  * 4. If you include any Windows specific code (or a derivative thereof) from

  37.  *    the apps directory (application code) you must include an acknowledgement:

  38.  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"

  39.  *

  40.  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND

  41.  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

  42.  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

  43.  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE

  44.  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

  45.  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

  46.  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

  47.  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

  48.  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

  49.  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

  50.  * SUCH DAMAGE.

  51.  *

  52.  * The licence and distribution terms for any publically available version or

  53.  * derivative of this code cannot be changed.  i.e. this code cannot simply be

  54.  * copied and put under another distribution licence

  55.  * [including the GNU Public Licence.] */

  56. 

  57. #include <openssl/asn1.h>

  58. #include <openssl/err.h>

  59. #include <openssl/evp.h>

  60. #include <openssl/obj.h>

  61. #include <openssl/stack.h>

  62. #include <openssl/x509.h>

  63. 

  64. 

  65. int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf, int len)

  66. 	{

  67. 	const ASN1_OBJECT *obj;

  68. 

  69. 	obj=OBJ_nid2obj(nid);

  70. 	if (obj == NULL) return(-1);

  71. 	return(X509_NAME_get_text_by_OBJ(name,obj,buf,len));

  72. 	}

  73. 

  74. int X509_NAME_get_text_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, char *buf,

  75. 	     int len)

  76. 	{

  77. 	int i;

  78. 	ASN1_STRING *data;

  79. 

  80. 	i=X509_NAME_get_index_by_OBJ(name,obj,-1);

  81. 	if (i < 0) return(-1);

  82. 	data=X509_NAME_ENTRY_get_data(X509_NAME_get_entry(name,i));

  83. 	i=(data->length > (len-1))?(len-1):data->length;

  84. 	if (buf == NULL) return(data->length);

  85. 	memcpy(buf,data->data,i);

  86. 	buf[i]='\0';

  87. 	return(i);

  88. 	}

  89. 

  90. int X509_NAME_entry_count(X509_NAME *name)

  91. 	{

  92. 	if (name == NULL) return(0);

  93. 	return(sk_X509_NAME_ENTRY_num(name->entries));

  94. 	}

  95. 

  96. int X509_NAME_get_index_by_NID(X509_NAME *name, int nid, int lastpos)

  97. 	{

  98. 	const ASN1_OBJECT *obj;

  99. 

  100. 	obj=OBJ_nid2obj(nid);

  101. 	if (obj == NULL) return(-2);

  102. 	return(X509_NAME_get_index_by_OBJ(name,obj,lastpos));

  103. 	}

  104. 

  105. /* NOTE: you should be passsing -1, not 0 as lastpos */

  106. int X509_NAME_get_index_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj,

  107. 	     int lastpos)

  108. 	{

  109. 	int n;

  110. 	X509_NAME_ENTRY *ne;

  111. 	STACK_OF(X509_NAME_ENTRY) *sk;

  112. 

  113. 	if (name == NULL) return(-1);

  114. 	if (lastpos < 0)

  115. 		lastpos= -1;

  116. 	sk=name->entries;

  117. 	n=sk_X509_NAME_ENTRY_num(sk);

  118. 	for (lastpos++; lastpos < n; lastpos++)

  119. 		{

  120. 		ne=sk_X509_NAME_ENTRY_value(sk,lastpos);

  121. 		if (OBJ_cmp(ne->object,obj) == 0)

  122. 			return(lastpos);

  123. 		}

  124. 	return(-1);

  125. 	}

  126. 

  127. X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc)

  128. 	{

  129. 	if(name == NULL || loc < 0 || sk_X509_NAME_ENTRY_num(name->entries) <= (size_t) loc)

  130. 		return(NULL);

  131. 	else

  132. 		return(sk_X509_NAME_ENTRY_value(name->entries,loc));

  133. 	}

  134. 

  135. X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc)

  136. 	{

  137. 	X509_NAME_ENTRY *ret;

  138. 	int i,n,set_prev,set_next;

  139. 	STACK_OF(X509_NAME_ENTRY) *sk;

  140. 

  141. 	if (name == NULL || loc < 0 || sk_X509_NAME_ENTRY_num(name->entries) <= (size_t) loc)

  142. 		return(NULL);

  143. 	sk=name->entries;

  144. 	ret=sk_X509_NAME_ENTRY_delete(sk,loc);

  145. 	n=sk_X509_NAME_ENTRY_num(sk);

  146. 	name->modified=1;

  147. 	if (loc == n) return(ret);

  148. 

  149. 	/* else we need to fixup the set field */

  150. 	if (loc != 0)

  151. 		set_prev=(sk_X509_NAME_ENTRY_value(sk,loc-1))->set;

  152. 	else

  153. 		set_prev=ret->set-1;

  154. 	set_next=sk_X509_NAME_ENTRY_value(sk,loc)->set;

  155. 

  156. 	/* set_prev is the previous set

  157. 	 * set is the current set

  158. 	 * set_next is the following

  159. 	 * prev  1 1	1 1	1 1	1 1

  160. 	 * set   1	1	2	2

  161. 	 * next  1 1	2 2	2 2	3 2

  162. 	 * so basically only if prev and next differ by 2, then

  163. 	 * re-number down by 1 */

  164. 	if (set_prev+1 < set_next)

  165. 		for (i=loc; i<n; i++)

  166. 			sk_X509_NAME_ENTRY_value(sk,i)->set--;

  167. 	return(ret);

  168. 	}

  169. 

  170. int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type,

  171. 			unsigned char *bytes, int len, int loc, int set)

  172. {

  173. 	X509_NAME_ENTRY *ne;

  174. 	int ret;

  175. 	ne = X509_NAME_ENTRY_create_by_OBJ(NULL, obj, type, bytes, len);

  176. 	if(!ne) return 0;

  177. 	ret = X509_NAME_add_entry(name, ne, loc, set);

  178. 	X509_NAME_ENTRY_free(ne);

  179. 	return ret;

  180. }

  181. 

  182. int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type,

  183. 			unsigned char *bytes, int len, int loc, int set)

  184. {

  185. 	X509_NAME_ENTRY *ne;

  186. 	int ret;

  187. 	ne = X509_NAME_ENTRY_create_by_NID(NULL, nid, type, bytes, len);

  188. 	if(!ne) return 0;

  189. 	ret = X509_NAME_add_entry(name, ne, loc, set);

  190. 	X509_NAME_ENTRY_free(ne);

  191. 	return ret;

  192. }

  193. 

  194. int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type,

  195. 			const unsigned char *bytes, int len, int loc, int set)

  196. {

  197. 	X509_NAME_ENTRY *ne;

  198. 	int ret;

  199. 	ne = X509_NAME_ENTRY_create_by_txt(NULL, field, type, bytes, len);

  200. 	if(!ne) return 0;

  201. 	ret = X509_NAME_add_entry(name, ne, loc, set);

  202. 	X509_NAME_ENTRY_free(ne);

  203. 	return ret;

  204. }

  205. 

  206. /* if set is -1, append to previous set, 0 'a new one', and 1,

  207.  * prepend to the guy we are about to stomp on. */

  208. int X509_NAME_add_entry(X509_NAME *name, X509_NAME_ENTRY *ne, int loc,

  209. 	     int set)

  210. 	{

  211. 	X509_NAME_ENTRY *new_name=NULL;

  212. 	int n,i,inc;

  213. 	STACK_OF(X509_NAME_ENTRY) *sk;

  214. 

  215. 	if (name == NULL) return(0);

  216. 	sk=name->entries;

  217. 	n=sk_X509_NAME_ENTRY_num(sk);

  218. 	if (loc > n) loc=n;

  219. 	else if (loc < 0) loc=n;

  220. 

  221. 	name->modified=1;

  222. 

  223. 	if (set == -1)

  224. 		{

  225. 		if (loc == 0)

  226. 			{

  227. 			set=0;

  228. 			inc=1;

  229. 			}

  230. 		else

  231. 			{

  232. 			set=sk_X509_NAME_ENTRY_value(sk,loc-1)->set;

  233. 			inc=0;

  234. 			}

  235. 		}

  236. 	else /* if (set >= 0) */

  237. 		{

  238. 		if (loc >= n)

  239. 			{

  240. 			if (loc != 0)

  241. 				set=sk_X509_NAME_ENTRY_value(sk,loc-1)->set+1;

  242. 			else

  243. 				set=0;

  244. 			}

  245. 		else

  246. 			set=sk_X509_NAME_ENTRY_value(sk,loc)->set;

  247. 		inc=(set == 0)?1:0;

  248. 		}

  249. 

  250. 	if ((new_name=X509_NAME_ENTRY_dup(ne)) == NULL)

  251. 		goto err;

  252. 	new_name->set=set;

  253. 	if (!sk_X509_NAME_ENTRY_insert(sk,new_name,loc))

  254. 		{

  255. 		OPENSSL_PUT_ERROR(X509, X509_NAME_add_entry, ERR_R_MALLOC_FAILURE);

  256. 		goto err;

  257. 		}

  258. 	if (inc)

  259. 		{

  260. 		n=sk_X509_NAME_ENTRY_num(sk);

  261. 		for (i=loc+1; i<n; i++)

  262. 			sk_X509_NAME_ENTRY_value(sk,i-1)->set+=1;

  263. 		}	

  264. 	return(1);

  265. err:

  266. 	if (new_name != NULL)

  267. 		X509_NAME_ENTRY_free(new_name);

  268. 	return(0);

  269. 	}

  270. 

  271. X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne,

  272. 		const char *field, int type, const unsigned char *bytes, int len)

  273. 	{

  274. 	ASN1_OBJECT *obj;

  275. 	X509_NAME_ENTRY *nentry;

  276. 

  277. 	obj=OBJ_txt2obj(field, 0);

  278. 	if (obj == NULL)

  279. 		{

  280. 		OPENSSL_PUT_ERROR(X509, X509_NAME_ENTRY_create_by_txt, X509_R_INVALID_FIELD_NAME);

  281. 		ERR_add_error_data(2, "name=", field);

  282. 		return(NULL);

  283. 		}

  284. 	nentry = X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len);

  285. 	ASN1_OBJECT_free(obj);

  286. 	return nentry;

  287. 	}

  288. 

  289. X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,

  290. 	     int type, unsigned char *bytes, int len)

  291. 	{

  292. 	const ASN1_OBJECT *obj;

  293. 	X509_NAME_ENTRY *nentry;

  294. 

  295. 	obj=OBJ_nid2obj(nid);

  296. 	if (obj == NULL)

  297. 		{

  298. 		OPENSSL_PUT_ERROR(X509, X509_NAME_ENTRY_create_by_NID, X509_R_UNKNOWN_NID);

  299. 		return(NULL);

  300. 		}

  301. 	nentry = X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len);

  302. 	/* TODO(fork): remove this? */

  303. 	/* ASN1_OBJECT_free(obj); */

  304. 	return nentry;

  305. 	}

  306. 

  307. X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,

  308. 	     const ASN1_OBJECT *obj, int type, const unsigned char *bytes, int len)

  309. 	{

  310. 	X509_NAME_ENTRY *ret;

  311. 

  312. 	if ((ne == NULL) || (*ne == NULL))

  313. 		{

  314. 		if ((ret=X509_NAME_ENTRY_new()) == NULL)

  315. 			return(NULL);

  316. 		}

  317. 	else

  318. 		ret= *ne;

  319. 

  320. 	if (!X509_NAME_ENTRY_set_object(ret,obj))

  321. 		goto err;

  322. 	if (!X509_NAME_ENTRY_set_data(ret,type,bytes,len))

  323. 		goto err;

  324. 

  325. 	if ((ne != NULL) && (*ne == NULL)) *ne=ret;

  326. 	return(ret);

  327. err:

  328. 	if ((ne == NULL) || (ret != *ne))

  329. 		X509_NAME_ENTRY_free(ret);

  330. 	return(NULL);

  331. 	}

  332. 

  333. int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, const ASN1_OBJECT *obj)

  334. 	{

  335. 	if ((ne == NULL) || (obj == NULL))

  336. 		{

  337. 		OPENSSL_PUT_ERROR(X509, X509_NAME_ENTRY_set_object, ERR_R_PASSED_NULL_PARAMETER);

  338. 		return(0);

  339. 		}

  340. 	ASN1_OBJECT_free(ne->object);

  341. 	ne->object=OBJ_dup(obj);

  342. 	return((ne->object == NULL)?0:1);

  343. 	}

  344. 

  345. int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,

  346. 	     const unsigned char *bytes, int len)

  347. 	{

  348. 	int i;

  349. 

  350. 	if ((ne == NULL) || ((bytes == NULL) && (len != 0))) return(0);

  351. 	if((type > 0) && (type & MBSTRING_FLAG)) 

  352. 		return ASN1_STRING_set_by_NID(&ne->value, bytes,

  353. 						len, type,

  354. 					OBJ_obj2nid(ne->object)) ? 1 : 0;

  355. 	if (len < 0) len=strlen((const char *)bytes);

  356. 	i=ASN1_STRING_set(ne->value,bytes,len);

  357. 	if (!i) return(0);

  358. 	if (type != V_ASN1_UNDEF)

  359. 		{

  360. 		if (type == V_ASN1_APP_CHOOSE)

  361. 			ne->value->type=ASN1_PRINTABLE_type(bytes,len);

  362. 		else

  363. 			ne->value->type=type;

  364. 		}

  365. 	return(1);

  366. 	}

  367. 

  368. ASN1_OBJECT *X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne)

  369. 	{

  370. 	if (ne == NULL) return(NULL);

  371. 	return(ne->object);

  372. 	}

  373. 

  374. ASN1_STRING *X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne)

  375. 	{

  376. 	if (ne == NULL) return(NULL);

  377. 	return(ne->value);

  378. 	}